<?php 
 
//Begin//Xay dung chuoi XML chua gi tri cua 
$v_list_xml_tag = "";
if(isset($_REQUEST['hdn_list_xml_tag'])){
	$v_list_xml_tag = $_REQUEST['hdn_list_xml_tag'];
}
$v_list_xml_value = "";
if(isset($_REQUEST['hdn_list_xml_value'])){
	$v_list_xml_value = $_REQUEST['hdn_list_xml_value'];
}
$strXML = '<?xml version="1.0" encoding="UTF-8"?><root><data_list>';
for ($i=0;$i<_list_get_len($v_list_xml_tag,_CONST_SUB_LIST_DELIMITOR);$i++){
	$strXML = $strXML ."<"._list_get_at($v_list_xml_tag,$i,_CONST_SUB_LIST_DELIMITOR).">";
	$strXML = $strXML .trim(_replace_XML_bad_char(_list_get_at($v_list_xml_value,$i,_CONST_SUB_LIST_DELIMITOR)));
	$strXML = $strXML ."</"._list_get_at($v_list_xml_tag,$i,_CONST_SUB_LIST_DELIMITOR).">";
}
$strXML = $strXML . "</data_list></root>";
//End//Lay danh sach cac the XML va gia tri tuong ung voi tung the do
$v_username = "";
if(isset($_REQUEST['txt_username'])){
	$v_username = _replace_bad_char($_REQUEST['txt_username']);
}
$v_password = "";
if(isset($_REQUEST['txt_password'])){
	$v_password = _replace_bad_char($_REQUEST['txt_password']);
}
$v_question = "";
if(isset($_REQUEST['hdn_question'])){
	$v_question = _replace_bad_char($_REQUEST['hdn_question']);
}

$v_answer = "";
if(isset($_REQUEST['txt_answer'])){
	$v_answer = _replace_bad_char($_REQUEST['txt_answer']);
}

$v_random_number = "";
if(isset($_REQUEST['txt_random_number'])){
	$v_random_number = _replace_bad_char($_REQUEST['txt_random_number']);
}

if (!isset($_SESSION['citizen_username']) && $v_random_number != $_SESSION['str_random']){?>
	<script>
		alert("Hãy nhập lại mã như hình kèm theo");
		if (_MODAL_DIALOG_MODE==1){
			window.location = "<?php echo $v_goto_url; ?>";
		}else{
			window.history.back();
		}	
	</script><?php
	exit;
}

if (!isset($_SESSION['citizen_username'])){
	$v_citizen_id = 0;
	$v_fusaction = "DISPLAY_SINGLE_CITIZEN_RESULT";
}else{
	$v_citizen_id = 2;
	$v_fusaction = "DISPLAY_SINGLE_CITIZEN";
}

$v_password = md5($v_password);

if(_is_sqlserver()){
	$v_xml_date_id = _save_XML_to_database('T_TEMP_FILE', 'PK_TEMP_FILE', 'C_TEXT', $strXML);
	//Cap nhat noi dung cau hoi
	$sql = "Exec Onegate_CitizenUpdate " ;
	$sql = $sql . " " .  $v_citizen_id ;
	$sql = $sql . ",'" . $v_username . "'"  ;
	$sql = $sql . ",'" . $v_password ."'";
	$sql = $sql . ",'" . $v_question . "'" ;
	$sql = $sql . ",'" . $v_answer . "'" ;
	$sql = $sql . "," . $v_xml_date_id ;
	//echo $sql; exit;
	$ado_conn->SetFetchMode(ADODB_FETCH_ASSOC);
	$rs = $ado_conn->GetRow($sql); 
	$v_error = _replace_bad_char(trim($rs['RET_ERROR']));
}
sleep(0);
if (!is_null($v_error) && $v_error<>""){?>
	<script>
		alert("<?php echo $v_error; ?>");
		if (_MODAL_DIALOG_MODE==1){
			window.location = "<?php echo $v_goto_url; ?>";
		}else{
			window.history.back();
		}	
	</script><?php
	exit;
}
?>
<form action="index.php" method="post" name="f_back">
	<input type="hidden" name="fuseaction" value="<?php echo $v_fusaction ?>">
</form>
<Script language="javascript">
	document.forms(0).submit();
</Script>